CVE-2024-58015

HIGH

Linux Kernel < 6.13.3 - Out-of-Bounds Read

Title source: rule

Description

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix for out-of bound access error Selfgen stats are placed in a buffer using print_array_to_buf_index() function. Array length parameter passed to the function is too big, resulting in possible out-of bound memory error. Decreasing buffer size by one fixes faulty upper bound of passed array. Discovered in coverity scan, CID 1600742 and CID 1600758

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/8700c4bf8b7ed98037d2acf1eaf770ad6dd431d4

Patch

https://git.kernel.org/stable/c/eb8c0534713865d190856f10bfc97cf0b88475b1

Scores

CVSS v3 7.1

EPSS 0.0001

EPSS Percentile 1.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Details

CWE

CWE-125

Status published

Products (2)

linux/Kernel 6.3.0 - 6.13.3linux

linux/linux_kernel 6.3 - 6.13.3

Published Feb 27, 2025

Tracked Since Feb 18, 2026